![]() ![]() Your ‘Organisation’ must be using Azure Active Directory (doesn’t require Premium).The requirements for Guest Accounts in Identity Manager are: You don't need to manage their account - if they forget their password its done at their Company's end, and you can even enforce additional Multifactor Authentication. When using Azure Active Directory as a 3rd Party IDP in Identity Manager, you can invite a user to your Directory and they can log into Identity Manager and access the portal and any SaaS Applications you assign. But what I realised was that we were able to leverage this for using Guest Accounts in VMware Identity Manager. This means that if you have a Cloud Application federated with your Azure Tenant, you can simply invite their account and once they accept they can log in with their existing credentials and gain access. Guest Accounts are part of the Azure Active Directory Business to Business (B2B) capability where you can invite users from another Organisation's Azure Active Directory to have access to resources in yours. Whether they are for contractors or external vendors, the time in creating these resetting passwords and then deprovisioning them is very time consuming - let alone the security implications if the accounts aren't removed.Ī little while ago I was introduced to Azure AD Guest Accounts by a colleague. Creating and managing the lifecycle of user accounts for users outside your organisation painful.
0 Comments
Leave a Reply. |